PKSFX self-extracting executable compressed file (.zip)
.zip file signature | application/zip
ZIP is a widely used compressed archive format originally created by Phil Katz and now maintained by PKWARE. It is used to package one or more files for distribution, backup, and transfer, and is supported by most operating systems, archive managers, and development tools. ZIP files are generally safe, but they can contain malicious executables or path-traversal entries; self-extracting variants are executable and should be treated cautiously when received from untrusted sources.
Magic Bytes
Offset 0
50 4B 03 04
Sources: Apache Tika, Wikipedia, Gary Kessler
All Known Signatures
7 signature variants are documented for .zip files across multiple sources.
| Hex Signature | Offset | Sources |
|---|---|---|
| 50 4B 03 04 | 0 | Apache Tika, Wikipedia, Gary Kessler |
| 50 4B 05 06 | 0 | Apache Tika, Wikipedia, Gary Kessler |
| 50 4B 07 08 | 0 | Apache Tika, Wikipedia, Gary Kessler |
| 50 4B 03 04 14 00 01 00 63 00 00 00 00 00 | 0 | Gary Kessler |
| 50 4B 4C 49 54 45 | 30 | Gary Kessler |
| 50 4B 53 70 58 | 526 | Gary Kessler |
| 57 69 6E 5A 69 70 | 29152 | Gary Kessler |
Extension
.zip
MIME Type
application/zip
Byte Offset
0
Risk Level
Safe
Validation Code
How to validate .zip files in Python
def is_zip(file_path: str) -> bool:
"""Check if file is a valid ZIP by magic bytes."""
signature = bytes([0x50, 0x4B, 0x03, 0x04])
with open(file_path, "rb") as f:
return f.read(4) == signatureHow to validate .zip files in Node.js
function isZIP(buffer: Buffer): boolean {
const signature = Buffer.from([0x50, 0x4B, 0x03, 0x04]);
return buffer.subarray(0, 4).equals(signature);
}How to validate .zip files in Go
func IsZIP(data []byte) bool {
signature := []byte{0x50, 0x4B, 0x03, 0x04}
if len(data) < 4 {
return false
}
return bytes.Equal(data[:4], signature)
}API Endpoint
/api/v1/zip
curl https://filesignature.org/api/v1/zip
See the full API documentation for all endpoints and parameters.
Related Formats
Frequently Asked Questions
What is a .zip file?
A .zip file is a PKSFX self-extracting executable compressed file file. ZIP is a widely used compressed archive format originally created by Phil Katz and now maintained by PKWARE. It is used to package one or more files for distribution, backup, and transfer, and is supported by most operating systems, archive managers, and development tools. ZIP files are generally safe, but they can contain malicious executables or path-traversal entries; self-extracting variants are executable and should be treated cautiously when received from untrusted sources.
What are the magic bytes for .zip files?
The magic bytes for PKSFX self-extracting executable compressed file files are 50 4B 03 04 at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.
How do I validate a .zip file?
To validate a .zip file, read the first bytes of the file and compare them against the known magic bytes (50 4B 03 04) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.
What is the MIME type for .zip files?
The primary MIME type for .zip files is application/zip.
Is it safe to open .zip files?
PKSFX self-extracting executable compressed file (.zip) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.